Last updated on November 23, 2021
Nobody wants to believe they’ll fall for a scam. Especially not any of you, my intelligent, savvy, and OPSEC-conscious friends!
Your radar is always on and carefully protecting your personal information, so you’d never click the link in that fortune-promising email, you’d never open an unexpected file attachment, and you’d certainly never send some stranger a document with your personal details on it, that’s inconceivable!!
Or is it?
What if there was a site where doing those types of things wouldn’t actually seem all that out of the ordinary? One where interacting with strangers and sharing personal information about yourself could lead to long-term gainful employment? What if the profile on the other end of that message looks polished, with a long work history of instantly recognizable company logos, a top-tier college, and a mountain of mutual connections and groups? One with a real, human, smiling face that syncs up perfectly with the nice, tidy appearance of the rest of the profile. Maybe it looks something like one of these…
Several of you are already closing this page and running to check your LinkedIn connections, which normally I’d say is probably a better use of your time than reading anything I wrote, but hang on her for a few minutes and see what else you might pick up.
Now, despite what I’m sure you all assume is my day to day online life: tidal waves of adulation, throngs of adoring fans, and a never ending barrage of “likes” and “follows”, you might be surprised to know that a handful of similarly-structured connection requests on LinkedIn would catch my attention. Several months ago, I began to receive request after request to connect with various Human Resources Specialists, Talent Acquisition Consultants, and Senior Staffing Specialists. At first glance, this could have been quite exciting; I mean hey, I’m finally getting noticed, right?! Do I need to go check my WordPress stats? Nope. Immediate red flag, I know better than that.
A quick glance down the line and I instantly noticed one thing… the profile photos all seem like GAN images (Generated Adversarial Network). Specifically, after testing with Sensity.ai, they’re StyleGAN2. If you haven’t heard of these before, you may have heard of a sites like thispersondoesnotexist.com or generated.photos which will provide you a seemingly endless supply of “fake” faces, using trained AI to attempt a realistic construction of a face that “doesn’t exist”. (Picture me saying that with air quotes, turns out those don’t work well in blogs) I say it that way because it’s been demonstrated that the images of actual people that the AI learned on are remarkably close in some cases to the “fake” ones it generates.
Tell-tale signs of these GAN photos aren’t always that easy to spot. A mismatched earring, strange wisp of hair, odd teeth perhaps. Others may be comically-easy to spot, giving much more obvious clues like partially constructed glasses, an ear that belongs on a Halloween costume, or a half cropped-out companion that looks like something out of a Stephen King novel (yes, those movies are from books). One thing is usually always right though… the eyes. Perfectly spaced, perfectly level, and generally clear as a bell.
Think about it… would you accept a connection request from this profile photo, with a recruiting job title, who sends a note saying he’d like to have you in his professional network? Most people would…
What about his oddly-constructed friend up next here… with one tiny, unpierced ear halfway up the side of their head, and some sort of Red Baron-esque goggles that reminds me of Seth Green’s character in Can’t Hardly Wait? This one would be much easier to second guess and avoid.
Anyway, back to the story… The connection requests keep coming in and eventually I get curious, as all investigative-minded researchers do, and I want to know more. What’s the motivation here? What’s the game?
Some of the profiles may offer a message with their connection request, professing their admiration for my work or interest in something I’m doing, but most are just smiling faces, awaiting my acceptance. So I let a few of them in.
I start by reviewing the profiles and I see a fairly consistently repeated pattern: smiling face, a tagline with consultant/hiring/sourcing, a generic stock art cover photo of some cityscape, a hometown anyone would recognize, 3 prior employers with unmistakable brands and a college I’d be lucky to afford cafeteria food from, let alone an education. They’re in groups, they’re well connected, and many even have endorsements for skills by seemingly real-life people using the site for actual networking.
All very interesting, but not much I can use to further explore a potential network. Reverse searching the profile photos leads nowhere, there’s no contact information being offered on the page (even after connecting), and the names offer nothing to pivot from. Visiting their connected groups and scrolling through the ranks makes it clear there are more profiles that could be consistent with what I’ve already seen, but what can I do to find them? I’m looking for something I can expand from, pivot from, some lazy mistake they’ve made that can help me see a bigger picture.
Then I notice something. Many of them have a short bio section talking about who they are, and a few of them have lazily repeated each other. BINGO! I take one of the bios, zero in on a section that seems unique enough that it won’t appear elsewhere and head over to Google to use my favorite dork!
site:linkedin.com “I’ve had an interesting career with several wonderful companies but being a world-class HR consultant and practitioner has always been my passion”
This gives me 95 unique profile results sharing that exact bio text, including my new professional pal, Winnie Hill, Human Resources Supervisor! Does poor Winnie realize that 94 other hard working recruiters and HR professionals out there are just as passionate as she about their careers (but not about originality)? A quick review of some profiles in those results shows me the same cookie-cutter approach I’ve seen before, sprinkled with different company names and colleges, topped off with all new GAN profile photos.
So, I try a few more: “I’ve made a name for herself as an international HR and staffing consultant” and “I am a consummate networker, thinker, traveler.” and
“changing the world through providing quality jobs to people in developing economies”.
These new searches net me a few hundred more profiles to review, new faces and new names, but the song remains the same.
Soon, it becomes obvious we’re dealing with an organized network. One that someone put a lot of time and effort into constructing, maintaining, and leveraging. One that managed to bypass whatever level of scrutiny they were given at sign up and has now gone on to connect with thousands of unsuspecting potential victims. This is the type of threat in the type of setting that can literally ruin a life, a career, or even bring down a company when the wrong person clicks on a link, sends over their resume, agrees to a fake consulting gig, or gives away too much access or information. Sure, they could also be trying to sell you weight loss pills, talk to you about your car warranty, or perhaps something less dastardly… maybe they’re bots, creating profiles to bypass login wall protection and hoover up as much information as they can. One thing is for sure, they’re here for something they probably shouldn’t be.
In case you’re wondering, after taking a handful of these bios and performing the same searches in order to scrape together the results I found more than I expected. Using basic tools & extensions like Remove Breadcrumbs to lengthen the visible URL in the results, and Instant Data Scraper to grab the Google results and pull them into a workable spreadsheet, I was able to capture over 300 profiles sharing the same series of unique bios, then tease out the top job titles in a simple pie chart.
I share all of this as a warning, because even as recently as this week, I’ve read of many more folks complaining about fake profile requests trying to infiltrate their networks. It seems LinkedIn has an ever-growing problem on their hands that’s not going away any time soon. One that appears largely unchecked, and may have already infiltrated your professional network. Don’t become a victim and don’t let your network become a victim, and certainly don’t think for a second that this problem is unique to just this one platform. Take what you’ve read here and use it to protect yourself everywhere you go. Be curious, but be careful.